Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dkd direct mail vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-16698
The direct_mail (aka Direct Mail) extension up to and including 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user (with restricted permissions to the fe_users table) to view and export data of frontend users who are subscribed to a newsletter.
Dkd Direct Mail
5
CVSSv2
CVE-2013-7400
The Direct Mail (direct_mail) extension prior to 3.1.2 for TYPO3 allows remote malicious users to obtain sensitive information by leveraging improper checking of authentication codes.
Dkd Direct Mail
5
CVSSv2
CVE-2020-12697
The direct_mail extension up to and including 5.2.3 for TYPO3 allows Denial of Service via log entries.
Dkd Direct Mail
4
CVSSv2
CVE-2020-12698
The direct_mail extension up to and including 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.
Dkd Direct Mail
5.8
CVSSv2
CVE-2020-12699
The direct_mail extension up to and including 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
Dkd Direct Mail
4
CVSSv2
CVE-2020-12700
The direct_mail extension up to and including 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
Dkd Direct Mail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started